On Mar 9, 2009, at 8:35 AM, Suresh Ramasubramanian wrote:
> If your sole goal in ADSP is "declare that domain x signs all mail"
> then there could be a far simpler and more cut down version of ADSP
> that'd fit the bill.
Agreed. It should not force double signing, for example.
> To wit - the "locked ADSP record" part. And if that's all that is
> required .. why then, I don't see why that part of it can't be
> shoehorned into the base 4871 spec somehow - perhaps in -bis as a
> newly defined tag.
This terminology is from a different draft where "all" was changed to
"CLOSED" and "discardable" to "LOCKED". The DKIM public key is not
directly referenced from the email-address domain; it needs a selector
to be discovered. This policy is to be applied when no signature is
found. There does not seem to be any practical advantage in attempting
to overload the DKIM public key record, nor would a signature tag be
that much help.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
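
The discovery problem raised in the message above, as an added example that is not part of the original thread or of any DKIM implementation: the key record name needs the s= and d= tags that only a signature carries, while the policy name is built from the From: domain alone. It assumes the record name and dkim= values of ADSP as later published in RFC 5617; the zone data, selector and messages are constructed, and the helper names are hypothetical.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed zone data standing in for DNS TXT lookups (no network access).
ZONE = {
    "_adsp._domainkey.example.com": "dkim=discardable",
    "_adsp._domainkey.example.net": "dkim=all",
    "sel1._domainkey.example.com": "v=DKIM1; k=rsa; p=PLACEHOLDER",
}

# Constructed sample messages; bh= and b= are placeholders, not real signatures.
SIGNED = ("From: Alice <alice@example.com>\n"
          "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel1;\n"
          " h=from; bh=PLACEHOLDER; b=PLACEHOLDER\n"
          "Subject: signed\n\nbody\n")
UNSIGNED = "From: Alice <alice@example.com>\nSubject: unsigned\n\nbody\n"

def parse_tags(value):
    """Split a 'tag=value; tag=value' list into a dict, dropping whitespace."""
    tags = {}
    for part in value.split(";"):
        name, sep, val = part.partition("=")
        if sep:
            tags[name.strip()] = "".join(val.split())
    return tags

def author_domain(msg):
    """Domain part of the From: address, lowercased."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

def key_record_name(msg):
    """Key record name: needs s= and d=, which only a signature supplies."""
    tags = parse_tags(msg.get("DKIM-Signature", ""))
    if tags.get("d", "").lower() != author_domain(msg) or "s" not in tags:
        return None  # no author-domain signature to point at a selector
    return f"{tags['s']}._domainkey.{tags['d'].lower()}"

def evaluate(raw):
    """Return (action, DNS name consulted) for one raw message."""
    msg = message_from_string(raw)
    key_name = key_record_name(msg)
    if key_name in ZONE:
        return ("verify", key_name)  # cryptographic verification omitted here
    # No usable signature: the From: domain alone yields the policy name.
    adsp_name = f"_adsp._domainkey.{author_domain(msg)}"
    practice = parse_tags(ZONE.get(adsp_name, "")).get("dkim", "unknown")
    return (practice, adsp_name)

if __name__ == "__main__":
    for raw in (SIGNED, UNSIGNED):
        print(evaluate(raw))
```
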